If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Using SoftICE

I'm not able to use softice properly on windows xp with sp 1. All the tutorials tell me to load a program using the symbol loader, but I can't load ordinary programs (which dont have debug info) using symbol loader. And even when i load a program, softice doesnt automatically start. I'll have to press ctrl+d. and it wouldnt have loaded the program. And i dont know how else to load a program.just pressing f12 (or p ret) will cycle between diferent running programs, but it comes to a process called system a couple of times and my computer just freezes and i'll have to shutdown my computer dirtily. There was a file i had to install for it to work on windows xp sp 1 and i have installed it and it still doesnt work. And pretty much everything else the tutorials tell me to do wont work. Can someone please point me to a nice tutorial? or should i use something else for cracking? any info/opinion would be appreciated. thanks.

SoftICE is a KERNEL mode debugger. It is global to the entire operating system and can see everything, it lies underneath the entire OS. This means when you pop a cntrl-D, you are going to be sitting somewhere in the middle of Windows memory and stepping around in there will quickly crash your OS. If you want to attach to a process you need a userland debugger like IDApro (I think IDA does kernel as well,but will attach to user processes) or OllyDebug. If you want to use SoftICE, use the ADDR command to see the running processes or change the address context. That and learn breakpoints,breakpoints,breakpoints. SoftICE has some very powerful breakpoint expression capabilities that make it such an incredible tool.

-Maestr0

\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

Winston: I have the softice version for Xp. I've tried different versions and all do the same things. I've tried *both* the driver-studio 2.6 version which says it supports xp and the 4.05 which works on xp with a replacement driver.

Maestr0: Thank you. I'll try using addr. As I said, I'm not able to do what those tutorials are telling me to do. I can't load a program that doesn't have debug information using the symbol loader. Even if it does have debug info and it loads, it doesn't automatically start the softice window, contrary to what those tutorials say. Do you know of any good tutorials?